WHAT IS CLAIMED IS: 



1 LA system for providing terminals controlled access to a public network 

2 using the public network connection of a private network, comprising: 

3 a network access point for establishing a network connection with a said 

4 terminal; 

5 a network access server; 

6 a first network interface between said network access server and said network 

7 access point; 

8 a second network interface between said network access server and said public 

9 network connection of said private network; 

10 said network access server being configured to establish and control a network 

f 4 1 connection between a said terminal having a network connection with said network access 

]| 2 point and said public network through said public network connection of said private network 

14 3 without a network connection being established between said terminal and said private 

lJt4 network. 

%y\ 2. The system of claim 1 wherein said network access point has a 

G 2 wireless network interface for establishing a wireless network connection with a said 

rjT 3 terminal. 

q i 3. The system of claim 2 wherein said terminal has a wireless network 

P 2 interface for establishing a wireless network connection with said network access point. 

1 4. The system of claim 3 wherein said terminal is a mobile terminal. 

1 5. The system of claim 4 wherein said terminal and said network access 

2 point communicate via Bluetooth protocol. 

1 6. The system of claim 4 wherein said terminal and said network access 

2 point communicates via IEEE 802. 1 IX wireless LAN protocol. 

1 7. The system of claim 1 including a third network interface between said 

2 network access server and said private network to enable network communication between 

3 said network access server and said private network. 
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1 8. The system of claim 1 wherein said network access server is resident in 

2 said network access point. 

1 9. The system of claim 1 wherein said network access server and said 

2 network access point are co-resident in a computer. 

1 10, The system of claim 1 wherein said network access server is resident in 

2 a computer and wherein said computer comprises an interface between said network access 

3 point and said private network. 

1 11. The system of claim 7 wherein said network access server is resident in 

2 said third network interface. 

1 12. The system of claim 1 1 wherein said third network interface comprises 

2 a local area network adaptor. 

1 13. The system of claim 1 wherein said network access server comprises 

2 software to register terminals and software to limit access to the public network to registered 

3 terminals. 

1 14. The system of claim 7 wherein said network access server comprises 

2 facilities to prevent access by said terminals to said private network. 

1 15. The system of claim 14 wherein said facilities include facilities to 

2 configure separate public access and private access subnetworks. 

1 16. The system of claim 14 wherein said facilities include an IP address 

2 filter. 

1 17. The system of claim 7 wherein said network access server comprises 

2 software to facilitate encrypting and decrypting data sent and received by said mobile 

3 terminal over said public network. 

1 18. The system of claim 1 wherein said network access server comprises 

2 facilities for dynamically providing network configuration data to said terminals. 
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1 19. The system of claim 1 wherein said network access server comprises 

2 facilities to route data communicated to and from said mobile terminal over said public 

3 network. 

1 20. The system of claim 1 wherein said network access server comprises 

2 software for controlling bandwidth useage by said terminals. 

1 21 . The system of claim 1 wherein said network access server comprises 

2 software to monitor and record network useage by said terminals. 

1 22. The system of claim 1 wherein said network access server comprises 

2 software to provide mobile IP support for said wireless, mobile terminals. 

1 23. The system of claim 1 wherein said network access server comprises a 

2 database for maintaining selected information concerning registered terminals. 

1 24. The system of claim 1 wherein said network access server comprises 

2 facilities for providing telephony services to said mobile terminals. 

1 25. The system of claim 1 including an integration operator network 

2 adapted to communicate with said network access server over said public network, said 

3 integration operator network comprising facilities to manage public network access by said 

4 mobile terminal through said network access server. 

1 26. The system of claim 25 wherein said integration operator network 

2 comprises a central database for maintaining selected information about said network access 

3 servers and said registered terminals, and selected network access and useage policies. 

1 27. The system of claim 25 wherein said selected information about said 

2 network access servers includes at least one of provider identification, network configuration 

3 information, data encryption information, network useage policy information, and provider 

4 accounting information, 

1 28. The system of claim 25 wherein said selected information about said 

2 registered terminals includes at least one of authorized user identity, terminal address, 

3 terminal security policy, terminal service plan identification, data encryption information, 

4 terminal status in network, network useage accounting information. 
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1 29. The system of claim 25 wherein said selected network access and 

2 useage policies include at least one of public network access policy information, bandwidth 

3 useage policy information, and network traffic priority policy information. 

1 30. A method for providing terminals controlled access to a public network 

2 using the public network connection of a private network, comprising: 

3 providing a network access point for establishing a network connection with a 

4 said terminal; 

5 providing a network access server; 

6 providing a first network interface between said network access server and 

7 said network access point; 

8 providing a second network interface between said network access server and 
I % 9 said public network connection of said private network; 

^40 configuring said network access server to establish and control a network 

ti 1 1 connection between a said terminal having a network connection with said network access 

Z 12 point and said public network through said public network connection of said private network 

%Bl3 without a network connection being established between said terminal and said private 

q14 network. 

5Z 1 31. The method of claim 30 including providing said network access point 

O 2 with a wireless network interface for establishing a wireless network connection with a said 

3 terminal. 

1 32. The method of claim 3 1 including providing said terminal with a 

2 wireless network interface for establishing a wireless network connection with said network 

3 access point. 

1 33. The method of claim 32 wherein said terminal is a mobile terminal. 

1 34. The method of claim 33 wherein said terminal and said network access 

2 point communicate via Bluetooth protocol. 

1 35. The method of claim 33 wherein said terminal and said network access 

2 point communicate via IEEE 802.1 IX wireless LAN protocol. 
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1 36. The method of claim 30 including providing a third network interface 

2 between said network access server and said private network to enable network 

3 communication between said network access server and said private network. 

1 37. The method of claim 30 including incorporating said network access 

2 server in said network access point. 

1 38. The method of claim 30 including integrating said network access 

2 server and said network access point in a computer. 

1 39. The method of claim 30 including incorporating said network access 

2 server in a computer that comprises an interface between said network access point and said 

3 private network. 

1 40. The method of claim 36 including incorporating said network access 

2 server in said third network interface. 

1 41 . The method of claim 40 wherein said third network interface 

2 comprises a local area network adaptor. 

1 42. The method of claim 30 including providing said network access 

2 server with software to register terminals and software to limit access to the public network to 

3 registered terminals. 

1 43. The method of claim 42 wherein said software to register terminals is 

2 operative to automatically begin a registration process with respect to a said terminal when 

3 said terminal is comes within communication range of said network access point. 

1 44. The method of claim 36 including providing said network access 

2 server with facilities to prevent access by said terminals to said private network. 

1 45. The method of claim 44 wherein said facilities include facilities to 

2 configure separate public access and private access subnetworks. 

1 46. The method of claim 44 wherein said facilities include an IP address 

2 filter. 
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1 47. The method of claim 30 including providing said network access 

2 server with software to facilitate encrypting and decrypting data sent and received by said 

3 mobile terminal over said public network. 

1 48. The method of claim 30 including providing said network access 

2 server with facilities for dynamically providing network configuration data to said terminals. 

1 49. The method of claim 30 including providing said network access 

2 server with facilities to route data communicated to and from said mobile terminal over said 

3 public network. 

1 50. The method of claim 30 including providing said network access 

2 server with software for controlling bandwidth useage by said terminals. 

1 51. The method of claim 30 including providing said network access 

2 server with software to monitor and record network useage by said terminals. 

1 52. The method of claim 33 including providing said network access 

2 server with software to provide mobile IP support for said wireless, mobile terminals. 

1 53. The method of claim 30 including providing said network access 

2 server with a database for maintaining selected information concerning registered terminals. 

1 54. The method of claim 30 including providing said network access 

2 server with facilities for providing telephony services to said terminals. 

1 55. The method of claim 30 including providing an integration operator 

2 network adapted to communicate with said network access server over said public network, 

3 said integration operator network comprising facilities to manage public network access by 

4 said mobile terminal through said network access server. 

1 56. The method of claim 55 including providing said integration operator 

2 network with a central database for maintaining selected information about said network 

3 access servers and said registered terminals, and selected network access and useage policies. 

1 57. The method of claim 55 wherein said selected information about said 

2 network access servers includes at least one of provider identification, network configuration 
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3 information, data encryption information, network useage policy information, and provider 

4 accounting information. 

1 58. The method of claim 55 wherein said selected information about said 

2 registered terminals includes at least one of authorized user identity, terminal address, 

3 terminal security policy, terminal service plan identification, data encryption information, 

4 terminal status in network, network useage accounting information. 

1 59. The method of claim 55 wherein said selected network access and 

2 useage policies include at least one of public network access policy information, bandwidth 

3 useage policy information, and network traffic priority policy information. 

1 60. An apparatus for providing mobile terminals controlled access to a 

2 public network using the resources of a private network having a network access point for 

3 connecting with said mobile terminals and a public network connection for connecting with 

4 said public network, comprising: 

5 a network access server having a network interface for making a network 

6 connection with said access point and a network interface for making a network connection 

7 with said public network connection; 

8 said network access server being operational to control connection between 

9 said mobile terminals and said public network through said private network's public network 
10 connection without permitting said mobile terminals access to said private network. 

1 61 . A distributed system for providing mobile terminals controlled access 

2 to a public network using the public network connections of a plurality of private networks, 

3 comprising: 

4 a plurality of geographically distributed network access points for establishing 

5 network connections with one or more of said mobile terminals; 

6 a plurality of geographically distributed network access servers; 

7 a plurality of first network interfaces, each first network interface for 

8 connecting a said network access server with a selected group of said network access points; 

9 a plurality of second network interfaces, each second network interface for 

10 connecting a said network access server with a said public network connection of a said 

1 1 private network; 



68 



12 each said network access server being configured to establish and control a 

13 network connection between a said mobile terminal having a network connection with a said 

14 network access point and said public network through a said public network connection of a 

1 5 said private network without a network connection being established between said terminal 

16 and said private network; and 

17 an integration operator network located remotely from at least some of said 

1 8 plurality of network access servers and adapted to communicate with each of said network 

19 access servers over said public network, said integration operator network comprising 

20 facilities to form said network access servers into a distributed public network access 

21 network. 
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